diff --git a/.gitea/workflows/container.yaml b/.gitea/workflows/container.yaml
new file mode 100644
index 0000000..e48b3fd
--- /dev/null
+++ b/.gitea/workflows/container.yaml
@@ -0,0 +1,12 @@
+name: Build Multiarch Container Image
+on: [push]
+jobs:
+  call-reusable-workflow:
+    uses: container/multiarch-build-workflow/.gitea/workflows/build.yaml@main
+    with:
+      repository: ${{ gitea.repository }}
+      ref_name: ${{ gitea.ref_name }}
+      sha: ${{ gitea.sha }}
+      registry_url: ${{ secrets.REGISTRY_URL }}
+      registry_user: ${{ secrets.REGISTRY_USER }}
+      registry_pw: ${{ secrets.REGISTRY_PW }}
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
deleted file mode 100644
index 914567c..0000000
--- a/.gitlab-ci.yml
+++ /dev/null
@@ -1,18 +0,0 @@
-variables:
-  CONTAINER_NAME: thallian/rspamd
-
-build:
-  stage: build
-  image:
-    name: gcr.io/kaniko-project/executor:debug
-    entrypoint: [""]
-  script:
-    - mkdir -p /kaniko/.docker
-    - echo "{\"auths\":{\"$CI_REGISTRY\":{\"auth\":\"$(printf "%s:%s" "$CI_REGISTRY_USER" "$CI_REGISTRY_PASSWORD" | base64 | tr -d '\n')\"}}}" > /kaniko/.docker/config.json
-    - >-
-      /kaniko/executor
-      --context "$CI_PROJECT_DIR"
-      --dockerfile "$CI_PROJECT_DIR/Dockerfile"
-      --destination "$CONTAINER_NAME:$CI_COMMIT_SHA"
-      --destination "$CONTAINER_NAME:$CI_COMMIT_REF_NAME"
-      --destination "$CONTAINER_NAME:latest"
diff --git a/Dockerfile b/Containerfile
similarity index 57%
rename from Dockerfile
rename to Containerfile
index 3935c7a..16fc7e3 100644
--- a/Dockerfile
+++ b/Containerfile
@@ -1,4 +1,4 @@
-FROM thallian/confd-env:latest
+FROM docker.io/thallian/confd-env:3.19-3.1.6.2
 
 RUN apk --no-cache add \
 	rspamd \
diff --git a/rootfs/etc/rspamd/local.d/dkim_signing.conf b/rootfs/etc/rspamd/local.d/dkim_signing.conf
index 69408b3..41fa64f 100644
--- a/rootfs/etc/rspamd/local.d/dkim_signing.conf
+++ b/rootfs/etc/rspamd/local.d/dkim_signing.conf
@@ -4,3 +4,4 @@
 
 path = "/var/lib/rspamd/dkim/$domain.$selector.key";
 selector_map = "/etc/rspamd/dkim_selectors.map";
+allow_username_mismatch = true;
diff --git a/rootfs/etc/rspamd/local.d/settings.conf b/rootfs/etc/rspamd/local.d/settings.conf
new file mode 100644
index 0000000..2b4b49c
--- /dev/null
+++ b/rootfs/etc/rspamd/local.d/settings.conf
@@ -0,0 +1,7 @@
+authenticated {
+	priority = high;
+	authenticated = yes;
+	apply {
+		groups_disabled = ["rbl", "spf"];
+	}
+}
diff --git a/rootfs/etc/rspamd/local.d/spf.conf b/rootfs/etc/rspamd/local.d/spf.conf
new file mode 100644
index 0000000..d325b52
--- /dev/null
+++ b/rootfs/etc/rspamd/local.d/spf.conf
@@ -0,0 +1 @@
+disable_ipv6 = false;
diff --git a/rootfs/etc/rspamd/local.d/worker-proxy.inc b/rootfs/etc/rspamd/local.d/worker-proxy.inc
new file mode 100644
index 0000000..06e2bce
--- /dev/null
+++ b/rootfs/etc/rspamd/local.d/worker-proxy.inc
@@ -0,0 +1 @@
+bind_socket = "0.0.0.0:11332";
diff --git a/rootfs/etc/rspamd/override.d/options.inc b/rootfs/etc/rspamd/override.d/options.inc
new file mode 100644
index 0000000..f8c4fff
--- /dev/null
+++ b/rootfs/etc/rspamd/override.d/options.inc
@@ -0,0 +1 @@
+local_addrs = ["127.0.0.1"];